Skip to main content
Skip table of contents

Application Assessment

Purpose

This article describes how to set up a Application Assessment scan.

Introduction

In Outpost24, the Application Assessment feature evaluates the security risks and vulnerabilities within an organization's software applications. This assessment is a crucial component of any vulnerability management program, as vulnerabilities in applications can be exploited by attackers to gain unauthorized access to sensitive data or systems. The assessment identifies vulnerabilities and considers the security of an application throughout its lifecycle, including design, development, testing, deployment, and maintenance, especially when scanned in multiple stages of its Software Development Life Cycle. It also takes into account the application's dependencies, including third-party libraries and frameworks, as these can introduce additional security risks and vulnerabilities. Regular execution of Application Assessments is strongly recommended, as new vulnerabilities can be introduced when applications are updated or new features are added.

Setting up an Application Assessment

  1. Select Application assessment.

    Portal_scan_conf_app_assement_URL.png

  2. Fill in the targets.
    When adding more than one target, separate them using a new line.
    The targets can be added as:

    • URL - https://example.com

    • IPv4 - 203.0.113.1

    • IPv4:port - 198.51.100.5:5291

    • IPv6 - [2001:db8:1:2:3:4:5:6]

    • IPv6:port - [2001:db8:2fa:bba:dd3:f3c:11:2b]:928

    • Hostname - cumulus

  3. After adding the targets, click the blue ADD button in the lower right corner.

URL-entries not starting with https protocol are prefixed with https://.

A configuration name is extracted from the host, optional port and path to build a unique and user-friendly representation of the added configuration. URL fragments and queries are not used for configuration names.

Example inputs and generated configuration names:

  • https://example.com/ > example.com

  • https://example.com:8080/admin/login/ > example.com:8080/admin/login

  • https://example.com:8080/admin/#/login > example.com:8080/admin

  • https://example.com:8080/admin?relogin=true > example.com:8080/admin

  • http://192.0.2.99:8081 > 192.0.2.99:8081

The Choose scanner (HIAB only) option is visible if at least one Appsec scanner is available.

  • The first scanner in the list is selected by default.

  • The selected scanner can be changed in the Edit view.

To add scans in HIAB Appsec, one of the regular HIAB scanners must be turned into Appsec scanner.
See Setting up a HIAB as an Appsec Scale Scanner for more information.




Copyright

© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.